Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/glk-GHBNCNhgRMIq69qU4MPDyY8.roa
File:                     glk-GHBNCNhgRMIq69qU4MPDyY8.roa (raw, json)
Hash identifier:          pGWkQGjgbUJPBdvY5pWArpP2fvvmLwNzu435cHokMys=
Subject key identifier:   82:59:3E:18:70:4D:08:D8:60:44:C2:2A:EB:DA:94:E0:C3:C3:C9:8F
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018A767D86BDF5472457E5640668EDA48C58
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/glk-GHBNCNhgRMIq69qU4MPDyY8.roa
Signing time:             Fri 08 Sep 2023 20:30:52 +0000
ROA not before:           Fri 08 Sep 2023 20:30:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207569
IP address blocks:        139.28.221.0/24 maxlen: 24
                          139.28.220.0/24 maxlen: 24
                          5.180.136.0/24 maxlen: 24
                          5.180.137.0/24 maxlen: 24
                          185.94.167.0/24 maxlen: 24
                          45.133.245.0/24 maxlen: 24
                          185.188.181.0/24 maxlen: 24
                          95.214.8.0/24 maxlen: 24
                          185.17.2.0/24 maxlen: 24
                          194.53.54.0/24 maxlen: 24
                          85.209.0.0/24 maxlen: 24
                          185.105.118.0/24 maxlen: 24
                          195.66.87.0/24 maxlen: 24
                          5.252.116.0/24 maxlen: 24
                          193.109.84.0/24 maxlen: 24
                          45.89.64.0/24 maxlen: 24
                          194.67.200.0/24 maxlen: 24
                          185.104.250.0/24 maxlen: 24
                          46.17.106.0/24 maxlen: 24
                          2a0a:9300:1::/48 maxlen: 48
                          2a0a:9300:aaaa::/48 maxlen: 48
                          2a0a:9300::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 15 Dec 2023 20:49:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:76:7d:86:bd:f5:47:24:57:e5:64:06:68:ed:a4:8c:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep  8 20:30:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82593e18704d08d86044c22aebda94e0c3c3c98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f3:bf:39:80:b7:fe:9c:3a:cb:d6:8a:7a:3e:
                    eb:01:5b:34:69:93:70:d4:e7:80:b2:82:81:80:91:
                    5d:92:e1:5e:0a:68:02:64:27:40:ee:db:11:c0:f0:
                    f2:6d:12:d7:5b:cb:cb:a7:66:14:67:a4:d0:96:8d:
                    6e:c5:f6:bf:96:24:b4:72:be:9e:ff:2a:d7:7f:21:
                    29:0b:81:9b:bc:31:e9:2a:96:56:9c:fc:72:7b:a3:
                    e4:4f:d2:d5:64:c8:3c:ad:45:07:75:0a:e2:19:4d:
                    0e:9a:63:4e:33:a1:db:9f:73:77:7b:e4:7d:95:64:
                    44:30:7e:0a:00:a4:3d:2a:e3:ae:2f:ff:93:54:c3:
                    0b:b1:e8:05:06:3a:04:5b:95:98:2e:26:fb:0e:46:
                    37:ee:52:98:4f:af:3e:26:ee:4b:a7:68:a5:3d:6c:
                    d7:20:1f:57:c1:2e:27:4b:6b:a9:ca:72:13:84:ce:
                    c3:5c:10:c3:fe:2a:b9:5c:3d:63:63:e8:88:2e:9d:
                    13:ae:d0:46:1a:70:64:2b:7a:7b:70:d7:8e:60:af:
                    8c:77:08:eb:3e:ba:86:b4:17:d4:a1:56:a1:da:42:
                    d2:76:62:ce:be:c1:2d:94:2e:62:ce:f8:63:ed:94:
                    fe:b3:b4:cd:d0:28:a4:f1:c6:29:ed:ea:f5:7a:6e:
                    57:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:59:3E:18:70:4D:08:D8:60:44:C2:2A:EB:DA:94:E0:C3:C3:C9:8F
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/glk-GHBNCNhgRMIq69qU4MPDyY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.136.0/23
                  5.252.116.0/24
                  45.89.64.0/24
                  45.133.245.0/24
                  46.17.106.0/24
                  85.209.0.0/24
                  95.214.8.0/24
                  139.28.220.0/23
                  185.17.2.0/24
                  185.94.167.0/24
                  185.104.250.0/24
                  185.105.118.0/24
                  185.188.181.0/24
                  193.109.84.0/24
                  194.53.54.0/24
                  194.67.200.0/24
                  195.66.87.0/24
                IPv6:
                  2a0a:9300::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:ff:ee:8b:23:4a:ca:d9:c9:70:b7:8e:c3:6d:e5:6c:29:87:
         33:12:42:3c:fc:90:fe:92:8c:94:34:51:3c:32:8d:92:b5:ea:
         f6:c5:92:04:3d:99:17:4e:69:51:a6:89:07:f2:d8:f2:e3:f7:
         e3:da:11:1b:8c:0d:f1:fd:95:86:89:db:6a:a8:4e:f1:69:88:
         7c:14:5c:2e:44:bc:8b:40:e1:f0:76:76:a2:79:a4:64:73:84:
         9f:15:f2:26:10:91:de:c5:d8:fe:d4:82:54:fa:4e:e8:d0:b2:
         d8:9c:88:bb:a3:25:c2:53:97:d4:96:9a:df:db:57:d2:d6:c1:
         a8:2e:a9:94:55:76:ea:7d:48:c5:04:f7:80:fb:74:d9:52:82:
         fe:d2:3b:50:b5:b6:c3:5b:df:d4:02:8e:4d:09:b0:c5:2f:7f:
         d4:eb:0f:3a:97:f1:54:e4:bd:e6:b3:7a:45:d8:05:c6:d1:80:
         01:a1:46:3d:3e:14:7e:80:ab:ad:01:f9:cd:8c:39:3f:cd:f9:
         84:dc:83:51:67:bf:c5:40:9d:e4:0e:5a:26:a5:6f:b7:a7:7d:
         72:66:6c:82:fc:91:7e:29:01:92:7d:24:d2:76:27:ce:ec:25:
         05:99:e2:91:ff:70:d0:45:77:c7:cc:ea:2d:34:80:c5:2b:49:
         9d:b0:8e:e5
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYp2fYa99UckV+VkBmjtpIxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTA4MjAzMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU5M2UxODcwNGQwOGQ4NjA0NGMyMmFlYmRhOTRlMGMzYzNjOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/O/OYC3/pw6y9aKej7rAVs0aZNw
1OeAsoKBgJFdkuFeCmgCZCdA7tsRwPDybRLXW8vLp2YUZ6TQlo1uxfa/liS0cr6e
/yrXfyEpC4GbvDHpKpZWnPxye6PkT9LVZMg8rUUHdQriGU0OmmNOM6Hbn3N3e+R9
lWREMH4KAKQ9KuOuL/+TVMMLsegFBjoEW5WYLib7DkY37lKYT68+Ju5Lp2ilPWzX
IB9XwS4nS2upynIThM7DXBDD/iq5XD1jY+iILp0TrtBGGnBkK3p7cNeOYK+Mdwjr
PrqGtBfUoVah2kLSdmLOvsEtlC5izvhj7ZT+s7TN0Cik8cYp7er1em5X3QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFIJZPhhwTQjYYETCKuvalODDw8mPMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvZ2xrLUdIQk5DTmhnUk1JcTY5cVU0TVBEeVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAQW0iAME
AAX8dAMEAC1ZQAMEAC2F9QMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AMEALkRAgME
ALlepwMEALlo+gMEALlpdgMEALm8tQMEAMFtVAMEAMI1NgMEAMJDyAMEAMNCVzAN
BAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAAf/uiyNKytnJcLeOw23l
bCmHMxJCPPyQ/pKMlDRRPDKNkrXq9sWSBD2ZF05pUaaJB/LY8uP349oRG4wN8f2V
honbaqhO8WmIfBRcLkS8i0Dh8HZ2onmkZHOEnxXyJhCR3sXY/tSCVPpO6NCy2JyI
u6MlwlOX1Jaa39tX0tbBqC6plFV26n1IxQT3gPt02VKC/tI7ULW2w1vf1AKOTQmw
xS9/1OsPOpfxVOS95rN6RdgFxtGAAaFGPT4UfoCrrQH5zYw5P835hNyDUWe/xUCd
5A5aJqVvt6d9cmZsgvyRfikBkn0k0nYnzuwlBZnikf9w0EV3x8zqLTSAxStJnbCO
5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org